[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Sep 18 09:10:22 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
51a48bcb by security tracker role at 2018-09-18T08:10:12Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2018-17153
+	RESERVED
+CVE-2018-17152
+	RESERVED
+CVE-2018-17151
+	RESERVED
+CVE-2018-17150
+	RESERVED
+CVE-2018-17149
+	RESERVED
+CVE-2018-17148
+	RESERVED
+CVE-2018-17147
+	RESERVED
+CVE-2018-17146
+	RESERVED
+CVE-2018-17145
+	RESERVED
+CVE-2018-17144
+	RESERVED
 CVE-2018-17143 (The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...)
 	TODO: check
 CVE-2018-17142 (The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...)
@@ -403,22 +423,22 @@ CVE-2018-16961
 	RESERVED
 CVE-2018-16960
 	RESERVED
-CVE-2018-16959
-	RESERVED
-CVE-2018-16958
-	RESERVED
-CVE-2018-16957
-	RESERVED
-CVE-2018-16956
-	RESERVED
-CVE-2018-16955
-	RESERVED
-CVE-2018-16954
-	RESERVED
-CVE-2018-16953
-	RESERVED
-CVE-2018-16952
-	RESERVED
+CVE-2018-16959 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
+	TODO: check
+CVE-2018-16958 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
+	TODO: check
+CVE-2018-16957 (The Oracle WebCenter Interaction 10.3.3 search service queryd.exe ...)
+	TODO: check
+CVE-2018-16956 (The AjaxControl component of Oracle WebCenter Interaction Portal 10.3.3 ...)
+	TODO: check
+CVE-2018-16955 (The login function of Oracle WebCenter Interaction Portal 10.3.3 is ...)
+	TODO: check
+CVE-2018-16954 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
+	TODO: check
+CVE-2018-16953 (The AjaxView::DisplayResponse() function of the portalpages.dll ...)
+	TODO: check
+CVE-2018-16952 (The Oracle WebCenter Interaction Portal 10.3.3 does not implement ...)
+	TODO: check
 CVE-2017-18347 (Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 ...)
 	NOT-FOR-US: STMicroelectronics STM32F0 series devices
 CVE-2018-16976 (Gitolite before 3.6.9 does not (in certain configurations involving ...)
@@ -5941,8 +5961,7 @@ CVE-2018-14633
 	RESERVED
 CVE-2018-14632 (An out of bound write can occur when patching an Openshift object ...)
 	NOT-FOR-US: OpenShift
-CVE-2018-14631
-	RESERVED
+CVE-2018-14631 (moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost ...)
 	- moodle <removed>
 CVE-2018-14630 (moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an ...)
 	- moodle <removed>
@@ -90845,8 +90864,8 @@ CVE-2017-2874 (An information disclosure vulnerability exists in the Multi-Camer
 	TODO: check
 CVE-2017-2873
 	RESERVED
-CVE-2017-2872
-	RESERVED
+CVE-2017-2872 (Insufficient security checks exist in the recovery procedure used by ...)
+	TODO: check
 CVE-2017-2871 (Insufficient security checks exist in the recovery procedure used by ...)
 	NOT-FOR-US: Foscam C1 Indoor HD Camera
 CVE-2017-2870 (An exploitable integer overflow vulnerability exists in the ...)
@@ -90884,14 +90903,14 @@ CVE-2017-2859
 	RESERVED
 CVE-2017-2858 (An exploitable denial-of-service vulnerability exists in the traversal ...)
 	NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2857
-	RESERVED
-CVE-2017-2856
-	RESERVED
+CVE-2017-2857 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
+	TODO: check
+CVE-2017-2856 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
+	TODO: check
 CVE-2017-2855
 	RESERVED
-CVE-2017-2854
-	RESERVED
+CVE-2017-2854 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
+	TODO: check
 CVE-2017-2853 (An exploitable Code Execution vulnerability exists in the ...)
 	NOT-FOR-US: Natus Xltek NeuroWorks
 CVE-2017-2852 (An exploitable denial-of-service vulnerability exists in the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/51a48bcb093b2e9a2b1560ec4a1771d0fe94b2c6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/51a48bcb093b2e9a2b1560ec4a1771d0fe94b2c6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180918/a1aa78bd/attachment.html>

More information about the debian-security-tracker-commits mailing list